- Add full TOR hidden service support for exposing AISBF over TOR network
- Create aisbf/tor.py module with TorHiddenService class
- Add TorConfig model to config.py for TOR configuration
- Update config/aisbf.json with TOR settings
- Integrate TOR service into main.py with startup/shutdown handlers
- Add TOR configuration UI to dashboard settings with real-time status
- Add get_tor_status MCP tool for monitoring TOR service
- Update README.md and DOCUMENTATION.md with TOR guides
- Add stem library dependency to requirements.txt
- Bump version to 0.5.0 in pyproject.toml
- Support both ephemeral and persistent hidden services
- All AISBF endpoints accessible over TOR network

- Add MCP features to README.md key features
- Add MCP configuration section to dashboard settings page
- Add MCP form handling in main.py dashboard_settings_save
- Add comprehensive MCP documentation to API_EXAMPLES.md

- Implement MCP server module (aisbf/mcp.py) with SSE and HTTP stream support
- Add two authentication levels: autoselect-only and fullconfig
- Add MCP configuration to config/aisbf.json (disabled by default)
- Add MCP endpoints to main.py: GET/POST /mcp, GET /mcp/tools, POST /mcp/tools/call
- Both token types give access to standard APIs (list_models, chat_completion)
- autoselect_tokens: access to autoselection/autorotation settings
- fullconfig_tokens: access to full system configuration including providers

This allows remote agents to configure the system and/or just the
autoselections/rotations, as well as make requests for models.

Proxy-Awareness:
- Added ProxyHeadersMiddleware to detect and handle reverse proxy headers
- Implemented get_base_url() and url_for() helper functions for proxy-aware URL generation
- Updated all RedirectResponse calls to use url_for()
- Updated templates/base.html to use url_for() for all links and fetch calls
- Added comprehensive nginx proxy configuration examples to DOCUMENTATION.md
- Supports X-Forwarded-Proto, X-Forwarded-Host, X-Forwarded-Port, X-Forwarded-Prefix, X-Forwarded-For headers
- Application now fully supports deployment behind reverse proxies with subpaths

Configurable Error Cooldown:
- Added error_cooldown field to Model class in aisbf/models.py
- Added error_cooldown to ProviderModelConfig in aisbf/config.py
- Added default_error_cooldown to ProviderConfig in aisbf/config.py
- Added default_error_cooldown to RotationConfig in aisbf/config.py
- Updated BaseProviderHandler.record_failure() in aisbf/providers.py to use cascading cooldown configuration
- Cooldown configuration follows cascading pattern: model-specific > provider default > system default (300 seconds)
- Updated DOCUMENTATION.md with error_cooldown configuration examples
- Updated AI.PROMPT with error_cooldown documentation

Both features are fully documented and ready for production use.

- Updated Key Features section to mention Kiro (Amazon Q Developer) alongside other providers
- Ensures Kiro is prominently featured in the project overview

- Updated README.md to list Kiro (Amazon Q Developer / AWS CodeWhisperer) as a supported provider
- Updated DOCUMENTATION.md Provider Support section with Kiro details
- Kiro provider uses native authentication (IDE credentials or CLI)
- Supports Claude models through Kiro with streaming, tool calling, and extended thinking

- Deleted KIRO_GATEWAY.md and KIRO_INTEGRATION.md
- AISBF has native Kiro support built-in via KiroProviderHandler
- No need for external kiro-gateway integration documentation

- Removed vendor/kiro-gateway submodule/directory as Kiro support is fully integrated into AISBF
- Updated KIRO_GATEWAY.md to reference external GitHub repository (https://github.com/jwadow/kiro-gateway)
- Updated AI.PROMPT to remove vendor directory reference
- Kiro integration remains fully functional through KiroProviderHandler

- Add bs4 to requirements.txt (required by debgpt)
- Pin protobuf to >=3.20,<4 to fix compatibility with electrum
- Resolves dependency conflicts

- Add pip_install() function that detects externally-managed-environment errors
- Automatically retry with --break-system-packages flag when needed
- Improves compatibility with modern Linux distributions that use PEP 668

- Implement intelligent 429 rate limit parsing in providers
  - Parse Retry-After and X-RateLimit-Reset headers
  - Extract wait time from response body fields
  - Parse error messages for time patterns
  - Automatically disable providers for exact duration specified

- Update aisbf.sh to read port from config file dynamically
  - Add get_port() function to parse aisbf.json
  - Remove hardcoded port 17765
  - Show port number when starting server

- Implement SHA256 password hashing for dashboard
  - Store password as hash in aisbf.json
  - Hash passwords during login validation
  - Hash passwords when updating settings

- Add templates to package distribution
  - Update setup.py to include dashboard templates
  - Update MANIFEST.in (already included templates)
  - Add aisbf.json to package

- Update documentation
  - Add OpenAI-compatible v1 endpoints to README
  - Add dashboard endpoints documentation
  - Create comprehensive API_EXAMPLES.md with examples in cURL, Python, and JavaScript

- Add GPL license headers to all template files
  - HTML templates in templates/ directory
  - JavaScript code in templates/base.html

All changes maintain backward compatibility while adding new features.

- Added jinja2 and itsdangerous dependencies to requirements.txt
- Created templates directory with base layout and dashboard pages
- Implemented login/logout with session-based authentication
- Added dashboard overview page showing server stats
- Added configuration editors for:
  - Providers (providers.json)
  - Rotations (rotations.json)
  - Autoselect (autoselect.json)
  - Condensation prompts (markdown files)
  - Server settings (aisbf.json)
- Dashboard accessible at /dashboard with configurable username/password
- Session middleware with secure random secret key
- Authentication middleware skips dashboard routes
- All config changes saved to ~/.aisbf/ directory
- Dashboard config loaded from aisbf.json (username, password)
- Default credentials: admin/admin

- Changed default port from 8000 to 17765 in config and code
- Added command-line argument parsing with argparse
- Added --config flag to specify custom config directory
- Added --host, --port flags to override config file settings
- Added --https, --ssl-cert, --ssl-key flags for HTTPS configuration
- Added --no-auth flag to disable authentication
- CLI arguments take precedence over config file
- Updated config.py to support custom config directories via AISBF_CONFIG_DIR env var
- Config and handlers are now initialized after CLI parsing to support --config flag

- Added example tokens array to demonstrate client authentication
- When auth.enabled is true, clients must use Bearer token in Authorization header
- Tokens are validated against the tokens array in aisbf.json

- Add HTTPS support with auto-generated self-signed certificates
- Add API token authentication middleware
- Update aisbf.json with protocol, SSL, and auth configuration
- Add system prompt loading method to ContextManager
- Update main() to support SSL certificates
- Add authentication check middleware for API endpoints

- Add max_context field to CondensationConfig
- Support 'internal' keyword for local HuggingFace model in condensation
- Add internal model initialization with temperature=0.3, top_p=0.8, repeat_penalty=1.1
- Create condensation system prompts (conversational, semantic)
- Add aisbf.json for server configuration (host, port, dashboard auth)
- Update main.py to read server config from aisbf.json
- Update providers.json with max_context example for condensation

- Changed autoselect prompt from single user message to system+user split
- System message contains the skill instructions
- User message contains the prompt and model list
- Set temperature to 0 for deterministic selection
- Added stop parameter: </aisbf_model_autoselection>
- Updated internal model handling to combine messages

- Centralized API key storage in providers.json only
- Added support for provider-only rotation entries (auto-selects random model)
- Added default settings hierarchy at provider and rotation levels
- Limited autoselect selection context to 10 messages or 8000 tokens
- Added support for direct provider models in autoselect (rotation/provider/model)
- Added 'internal' keyword for local HuggingFace model selection
- Updated requirements.txt with torch and transformers

- Integrated complete kiro-gateway conversion pipeline (1,522 lines)
- Added multi-source authentication (Kiro IDE, kiro-cli, env vars)
- Implemented full OpenAI <-> Kiro format conversion
- Added support for tools/function calling
- Added support for images/multimodal content
- Implemented message merging, validation, and role normalization
- Added KiroAuthManager for automatic token refresh
- Created comprehensive conversion modules:
  - aisbf/kiro_converters.py (core conversion logic)
  - aisbf/kiro_converters_openai.py (OpenAI adapter)
  - aisbf/kiro_models.py (data models)
  - aisbf/kiro_auth.py (authentication)
  - aisbf/kiro_utils.py (utilities)
- Updated KiroProviderHandler with full conversion pipeline
- Added kiro_config support to ProviderConfig
- Updated providers.json with clean Kiro examples
- Added comprehensive documentation (KIRO_INTEGRATION.md)
- Implemented model name prefixing across all providers (provider_id/model)

No external kiro-gateway server needed - all functionality built-in.

Fix Google provider tool formatting - pass function declarations directly instead of wrapping in dict

Changed line 511 to check list length instead of boolean evaluation.
This fixes the bug where tool calls extracted from Google chunks were not being
sent to clients because empty lists were being treated as falsy.

Before: 'tool_calls': delta_tool_calls if delta_tool_calls else None
After:  'tool_calls': delta_tool_calls if len(delta_tool_calls) > 0 else None

- Added extraction of function_call from Google chunk parts
- Convert Google function_call to OpenAI-compatible tool_calls format
- Track accumulated_tool_calls to calculate deltas
- Include tool_calls in the delta when present
- Send chunks when there are new tool calls, not just text

- Removed stray 'd' identifier on line 494
- Fixed indentation issues on lines 494 and 537
- File now compiles without errors

- Fixed tool conversion to create single function_declarations array
- This prevents Google from detecting malformed tool use
- Tools are now properly converted from OpenAI to Google format

Improve error message formatting by replacing semicolon separators with newlines for better readability